Embodiments relate generally to transactions related to multiple domains, and, in particular, to methods and apparatus for transacting with multiple domains based on a credential.
For decades government and private institutions have created cards (or similar credentials) to establish privileges of card holders. The creator of the card can be referred to as a credential issuer. For example, a driver's license can be used as evidence that an individual has a right to operate a motor vehicle. A membership card can be used by members of a country club to obtain access to a golf course. An employee badge can be used to provide evidence of employment and often can be necessary to gain access to the employer's facilities.
Often these cards are paper cards that include various information that the credential issuer believes necessary to authenticate that the card holder is the person to whom the privileges are issued, as well as to authorize the card holder's access to the privileges. Sometimes, mere possession of the card is considered sufficient to prove a particular privilege (e.g., authorization to drive a particular vehicle, use a particular facility) that may also be specified on the card. With some cards, personal information such as height, weight, hair color, eye color, and photographs of the card holder are included on the card to support the authentication that the bearer of the card is, indeed, the person to whom the card was issued and to whom specified privileges have been granted.
As electronic technology evolved, credential issuers began issuing cards that included electronic capabilities such as magnetic strips and, now, even microchips configured to store information. This expanded electronic capability has, for example, provided an additional place to store identifying information that can be accessed during the authentication process and/or information that can be used to expose a forged card. Electronics also allow for storage of more granular levels of authorization than could be included on a convenient wallet-sized paper card. And finally, electronic components now enable both authentication and authorization to be performed remotely. For example, by sliding a card through a card reader, access can be granted to sites, rooms, computers, and even applications without physical inspection by a guard.
Through this evolution from the simple paper card to the “smart-card,” however, the identity card process has not changed. Credential issuers have continued to put both authentication and authorization information on the card. Other than the infrastructure of card readers and computers to interpret the information held on the card, the paper-based identity-card model has remained unchanged.
Though the use of electronics holds the promise of improving our access to services and simplifying the way we gain access to services today, using the paper-based paradigm in the “information age” is reaching its limit. The shortcomings of the paper-based model include at least the following:
1. Cards are designed as single-application stovepipes and are not interoperable. This implies that individuals may need to carry many cards to access multiple services/locations. Under the known architectures, an individual may be required to possess separate cards for a driver's license, passport, credit cards, and employee ID. For example, government contractors may need multiple badges for federal agency access (under Homeland Security Presidential Directive-12) and for working as a guest at the facilities of teammates. First Responders are required to obtain identity cards under the Department of Homeland Security First Responder Access Credential program. And because each state may roll out its own program with its own card design, a utility worker in Tennessee may need a separate card to support disasters in each of his neighboring states. And since some disasters draw First Responders from beyond their neighboring states, individuals might also need cards from dozens of other states that require outside support.
2. Current information requirements for most smart-card programs include transient information which is costly to maintain. Updating/reissuing cards based on changes can become an expensive and onerous process. For example, a person's mailing address, which can be a common field included on many ID cards, can change frequently and trigger re-issuance of a card with each address change. Even the most common data field—the cardholder's name—is subject to change through marriage, divorce, or the simple desire to change one's name to “Bono” or “Sting.”
3. Privileges can change rapidly, but cards can't. For example, if a government contractor is fired while away from his office, it may take the employer several days to retrieve the government contractor's ID badge. Although electronic access to company systems by the government contractor may be disabled relatively quickly, disabling access to the government agency could be a manual process that could be delayed for several days until, for example, appropriate government agency authorities are notified that the government contractor was fired. As another example, the granting of additional privileges such as access to a secure room or updating an employee's card to reflect an increased security status could require significant time and cost.
4. The disclosure of personal information in an easy-to-read electronic form can result in an abuse of private information. The abuse of private information included on a card can be a significant concern. For example, information included on a card may be accessed and used to impersonate the card owner (e.g., in an on-line transaction, i.e., identity theft), to discriminate against the card owner, and/or to access other information that could be damaging to a person's reputation and/or credit.
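The revocation and data-exposure shortcomings in items 2 through 4 above, modelled in Python as an added example (not code from this document): a card that encodes privileges and personal data is contrasted with a card that carries only an opaque credential identifier and is checked against each domain's own privilege records at transaction time. The `agency` domain, the `cred-0001` identifier and the dismissal scenario are constructed for illustration.

```python
from dataclasses import dataclass, field, fields

# Paper-based ("stovepipe") card: identity data, transient personal data and
# privileges are all encoded on the card at issuance.
@dataclass(frozen=True)
class PrivilegeCard:
    holder_name: str
    mailing_address: str
    privileges: frozenset  # e.g. frozenset({"agency:site-entry"})

# Credential-based card: only an opaque identifier is on the card.
@dataclass(frozen=True)
class CredentialCard:
    credential_id: str

def card_authorizes(card: PrivilegeCard, qualified: str) -> bool:
    # The reader decides from the card alone, so the answer cannot change
    # until the card is physically retrieved and reissued.
    return qualified in card.privileges

@dataclass
class Domain:
    """One relying domain; it keeps its own privilege records and is asked per transaction."""
    grants: dict = field(default_factory=dict)  # credential_id -> set of privileges
    def grant(self, cred_id: str, privilege: str) -> None:
        self.grants.setdefault(cred_id, set()).add(privilege)
    def revoke(self, cred_id: str, privilege: str) -> None:
        self.grants.get(cred_id, set()).discard(privilege)
    def authorizes(self, cred_id: str, privilege: str) -> bool:
        return privilege in self.grants.get(cred_id, set())

def domain_authorizes(domains: dict, card: CredentialCard, qualified: str) -> bool:
    """Route 'domain:privilege' to the domain that owns it; unknown domains deny."""
    domain_name, _, privilege = qualified.partition(":")
    domain = domains.get(domain_name)
    return domain is not None and domain.authorizes(card.credential_id, privilege)

def fields_on_card(card) -> set:
    """Everything a reader (or anyone who copies the card) learns from it."""
    return {f.name for f in fields(card)}

def revocation_demo() -> tuple:
    """Constructed scenario: a contractor is dismissed while away from the office."""
    old = PrivilegeCard("A. Contractor", "1 Main St", frozenset({"agency:site-entry"}))
    new = CredentialCard("cred-0001")
    domains = {"agency": Domain()}
    domains["agency"].grant(new.credential_id, "site-entry")
    domains["agency"].revoke(new.credential_id, "site-entry")  # record update, no reissue
    return (card_authorizes(old, "agency:site-entry"),           # True: card unchanged
            domain_authorizes(domains, new, "agency:site-entry"))  # False: denied at once
```

Changing a mailing address or a name in this model is likewise a record update at the issuer or the domain, with nothing on the card to reissue.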
Thus, there is a need for methods and apparatus for transacting, based on a credential, with multiple domains that can be independent of the credential issuer.